I don’t know anything about the design of the E2EE, but would it be feasible to build in options to allow users to choose whether key verification is blocking or non-blocking?

Of note, OWS points out “If WA chose “blocking” for users who enabled change notifications, it’d leak to server who has notifications on or off.” ( https://twitter.com/whispersystems/status/820037206412640256 )There’s some weakness to this design in any case — unless the app key verification is blocking. Are there other weaknesses to giving options like these?

Mathematician; Insecurity Princess

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store